For many years there has been much effort made to maintain the confidentiality of conversations between parties over telecommunications equipment. Conversations that are carried out on telephonic equipment are particularly vulnerable to eavesdropping, as the eavesdropper has a number of options that may be used to intercept voice audio from the telephone conversation. One option is to penetrate the telephone circuit between the telephone instrument and the telephone company switching office; there exist a wide variety of eavesdropping devices that can be connected to the telephone circuit for monitoring the conversation.
To meet this eavesdropping threat, there have been developed a number of types of telephone voice encryption devices that digitally encode the voice before transmission and decode at the receiving end; for example, units that utilize high-grade algorithms, such as U.S. Data Encryption Standard (DES) and proprietary algorithms, preferably in conjunction with RSA Public Key Technology (RSA Data Security, Inc., Redwood City, Calif.), such as the Motorola, Inc., Government Electronics Group (Scottsdale, Ariz.) SECTEL series, or unique systems such as the U.S. government STU-III. In most cases, commercial telephone encryption equipment cannot provide total voice security due to the eventual breakdown of intercepted data, but remains the equipment of choice for use on telephone lines when the conversational content is sensitive in nature. Whatever security provided by telephone encryption equipment, however, is cancelled if the eavesdropper has targeted the room that contains the secure telephone equipment. Although such eavesdropping will only provide one side of a conversation, that may be sufficient to provide the intelligence needed to accomplish the mission at hand.
Accordingly, there has been much effort directed toward protecting the room or area containing the telephone equipment from eavesdropping. An eavesdropping method commonly used is to intercept the room audio and transmit it with a radio frequency transmitter planted in the room, in a person's clothing, or in a small object that a person would use--such as a pen or pocket calculator. Other methods of intercepting room audio use carrier current devices attached to existing building AC wiring; such systems transmit converted room audio to a compatible remote receiver. A concealed, hard wired microphone is another method. Laser monitoring systems which may be located in a nearby building utilize an invisible laser beam to monitor either an object in the room or a room window which may be emulating room audio. Another method exists that utilizes remotely generated microwave RF frequencies and a concealed, passive cavity device in the target area. Devices operating in the near-infrared (IR) range deliver modulation via non-visible light waves and may be intercepted through target room windows using specialized receiving equipment from considerable distances. All of these methods depend on delivery from the target room of a modulated signal that is transformed back into an audio signal at a remote location, commonly known as a listening post (LP).
A highly sophisticated method of eavesdropping is to monitor RF and low frequency magnetic emissions that may emanate directly from internal circuit components of a particular device. The study of such emanations is known in security circles as "tempest". In the case of a secure telephone instrument, it is possible to intercept emissions radiated from internal circuit boards in clear voice, prior to electronic encryption processing, thereby compromising user voice security during a secure telephone conversation. Tempest emanations are very limited in range. However, this near-field radiation is a security threat in instances where the eavesdropper is highly skilled, equipped with specialized receiving equipment, and able to occupy an area in close proximity to the target instrument. Tempest emissions can also induce signals into nearby electronic equipment and miscellaneous area wiring, and by this means travel to various remote points where signals can be intercepted. Some manufacturers of security equipment, including secure voice equipment, offer tempest-protected versions of their products; such devices are oftentimes protected by RF filtering and enclosing specific internal components, or the entire device, in metallic, RF shielding material. Similar telephonic devices may be tempest certified in accordance with U.S. government established standards, for example, the GE STU III manufactured by GE Government Communications Systems Division (Camden, N.J.) or the STU III by Motorola Inc. (Schaumberg, Ill.). Another method is to place an entire device in a small RF shielded enclosure. Quality enclosures will provide tempest protection to specifications exceeding -100 dB (20 KHz&gt;1 GHz).
It is also possible for expert lip reading personnel to obtain conversational information using telescopic instruments to directly monitor persons in the room. The utilization of a lip reader, although extremely rare, should not be discounted by the security practitioner.
There are a number of available countermeasures for the protection of room audio. The room or area containing the telephonic equipment may be alarmed and guarded. Also, technical experts can be used to perform technical surveillance countermeasures sweeps (TSCM). Such sweeps, however, afford only short-lived security and cannot be guaranteed due to their technical limitations, the difficulty of performing an exhaustive sweep, and the eavesdropper's possible awareness of the scheduled sweep and subsequent temporary removal or remote deactivation of the listening device. This drawback may be overcome to some extent by installing in the area RF spectrum detection equipment that continuously monitors for extraneous radio signals. Even these systems, however, are ineffective against wired devices such as a microphone with concealed wiring, previously described near-infrared devices, external laser systems, and certain highly sophisticated frequency hopping RF transmitters.
Room audio may also be masked with audible noises designed to constantly modulate, at voice range frequencies, microphone elements or specific surfaces such as walls that may have listening devices planted on the other side, and windows to prevent laser interception. Noise systems of this type use speakers for general noise distribution and mountable transducers for specific surface protection. One type of noise generated by these systems is known as "white noise" (a static sound with energy spread evenly throughout the frequency range of human speech), or music may be generated, or a sound known as "babel".
Babel is a precision mixture of human voices or synthetic voice sounds, recorded on magnetic tape, on optical disk or may be generated from a chip, and is considered to be an effective masking sound. Babel sounds would be most effective if the frequency profile of the babel sounds closely matched the frequency profile of the person speaking. Such an effect may be accomplished by utilizing electronic equipment designed to constantly sample a person's voice. For example, a person's voice frequency range may be used to control the capstan-drive motor speed on a magnetic tape player, affecting tape playback speed, and continuously adjusting the pitch of prerecorded babel sounds generated by the masking system speakers as different system users speak into a dual-purpose communications/voice sampling microphone during secure telecommunications. A system such as this would be highly effective for masking voice audio.
Variations of masking sound generators such as single channel and multiple channel with mixers that generate random, non-stationary masking noises, will also protect room conversation from the eavesdropper but may not be as effective as babel if the eavesdropper has utilized phased array microphones, adaptive filters, or is equipped with sophisticated computer equipment designed to isolate and separate (subtract) masking sounds from actual voice sounds of intercepted audio. All audible masking systems, however, may add noticeably to the noise level in the room and would make listening to a telephone especially difficult; and in any case above, it is imperative that the volume level of masking sounds exceed the room conversation volume level in order to protect room conversations from eavesdropping.
Other versions of masking systems exist that are somewhat effective. One magnetic jamming system utilizes large coils to induce microphone elements or nearby electronics with electro-magnetic masking frequencies. Another ultrasonic system affects microphone elements with inaudible sound waves. Shortcomings of these systems are the size of the magnetic coils, inability to affect all microphone types, complexity of installation, and complaints of nausea by people exposed to powerful ultrasound.
The preferable option for preventing RF transmissions from the room containing the secure telecommunications equipment is to shield the area with grounded metal mesh, foil, or purchase a walk-in RF shielded enclosure system. RF enclosures are constructed as a room within a room that allow for easy inspection of all surfaces of the enclosure. Some of these enclosures are fully soundproofed as well and require no masking equipment. Installing such sealed enclosures, however, is very expensive, and restricts the user to that specific area. The room that contains the RF shielded enclosure is usually referred to as the parent-room.